Integration as a Concept First

| 0 Comments | 0 TrackBacks
Users must understand PSIM--physical security information management--as a concept before approaching it as a solution. PSIM envisions a central aggregation point where security data can be collected from various systems, and then homogenized and correlated into information. The system itself can then apply the appropriate pre-set policies to resolve the situation.

IT operations have been doing it with computer and network access and identity systems long enough that it's second nature (The PSIM abbreviation is merely an extension of SIM--security information management), yet for CSOs, the concept can be a bit daunting at first.

But grasping PSIM is critical. PSIM represents the intersection point for physical and logical security, surveillance, building management and compliance. That's why it stands to be a major attack point for IT companies looking to expand into physical security.

Prefatory to ISC West this week, I spoke Friday with Ajay Jain, CEO of Quantum Secure, who spelled out the parallels between PSIM and SIM, particularly in terms of identity and access management. I've started research on a larger article on the subject, but for now, here's an excerpt from Jain's remarks:

We talked to a lot of physical security directors, VPs and CIOs and started to understand their perspective of this emerging market. What it boils down to is that this market also behaves in a similar fashion as that of IT. Just like you have networking and firewall-related alarms and events coming out of your routers, firewalls and computers, you have similar kinds of events that come out of your building management systems, fire systems, your CCTV and so on. Just like in the IT world, the [physical] identity and access management market out there is very strong because the whole process of authenticating and credentialing that particular person across global facilities and zones and buildings and all that stuff is a daunting challenge.

The area where we crossover with PSIM vendors is that a lot of alarms and events that happen in the physical world affect identity. If there's a fire in Lab 21 in Japan, you immediately want to know how many people are there in that particular lab. That's where we come in and we correlate those kinds of events that can affect the identity at any given point in time. We read that and we take corrective action, whatever that action needs to be for that particular identity or set of identities that are in trouble over there.

As we see it, the parallels between the IT world and the physical world ultimately is that the PSIM category is the same as the SIM category on the IT side of the house. Where we are coming in, which is physical identity and access management, is seen as identity and access management in the IT world.

Users must understand PSIM--physical security information management--as a concept before approaching it as a solution. PSIM envisions a central aggregation point where security data can be collected from various systems, and then homogenized and correlated into information. The system itself can then apply the appropriate pre-set policies to resolve the situation.

IT operations have been doing it with computer and network access and identity systems long enough that it's second nature (The PSIM abbreviation is merely an extension of SIM--security information management), yet for CSOs, the concept can be a bit daunting at first.

But grasping PSIM is critical. PSIM represents the intersection point for physical and logical security, surveillance, building management and compliance. That's why it stands to be a major attack point for IT companies looking to expand into physical security.

Prefatory to ISC West this week, I spoke Friday with Ajay Jain, CEO of Quantum Secure, who spelled out the parallels between PSIM and SIM, particularly in terms of identity and access management. I've started research on a larger article on the subject, but for now, here's an excerpt from Jain's remarks:

We talked to a lot of physical security directors, VPs and CIOs and started to understand their perspective of this emerging market. What it boils down to is that this market also behaves in a similar fashion as that of IT. Just like you have networking and firewall-related alarms and events coming out of your routers, firewalls and computers, you have similar kinds of events that come out of your building management systems, fire systems, your CCTV and so on. Just like in the IT world, the [physical] identity and access management market out there is very strong because the whole process of authenticating and credentialing that particular person across global facilities and zones and buildings and all that stuff is a daunting challenge.

The area where we crossover with PSIM vendors is that a lot of alarms and events that happen in the physical world affect identity. If there's a fire in Lab 21 in Japan, you immediately want to know how many people are there in that particular lab. That's where we come in and we correlate those kinds of events that can affect the identity at any given point in time. We read that and we take corrective action, whatever that action needs to be for that particular identity or set of identities that are in trouble over there.

As we see it, the parallels between the IT world and the physical world ultimately is that the PSIM category is the same as the SIM category on the IT side of the house. Where we are coming in, which is physical identity and access management, is seen as identity and access management in the IT world.

No TrackBacks

TrackBack URL: http://www.securitysquared.com/cgi-bin/mt/mt-tb.cgi/10

Leave a comment